Summary
This security update resolves a vulnerability in Skype for Business and Microsoft Lync. The vulnerability could allow information disclosure if an attacker invites a user to an instant message session and then sends that user a message that contains specially crafted JavaScript content. To learn more about the vulnerability, see Microsoft Security Bulletin MS15-123.
More information about this security update
The following articles contain more information about this security update as it relates to individual product versions. The articles may contain known issue information.
-
3101496 MS15-116 and MS15-123: Description of the security update for Lync 2013 (Skype for Business): November 10, 2015
-
3096738 MS15-123: Description of the security update for Lync 2010 Attendee (admin level install): November 10, 2015
-
3096736 MS15-123: Description of the security update for Lync 2010 Attendee (user level install): November 10, 2015
-
3096735 MS15-123: Description of the security update for Lync 2010: November 10, 2015
-
3085634Â MS15-116 and MS15-123: Description of the security update for Skype for Business 2016: November 10, 2015
This security update also includes the following nonsecurity-related cumulative update:
-
3108096 Skype for Business November 2015 cumulative update for Crestron RL, Polycom CX8000, and SMART Room System (KB3108096)
Microsoft Lync 2010, Microsoft Lync 2010 Attendee, Microsoft Lync 2013 (Skype for Business), Microsoft Lync Basic 2013 (Skype for Business Basic), Skype for Business 2016, and Skype for Business Basic 2016Reference table
The following table contains the security update information for this software.
Security update file name |
For Microsoft Lync 2010 (32-bit) (3096735): |
|
For Microsoft Lync 2010 (64-bit) (3096735): |
For Microsoft Lync 2010 Attendee (user level install) (3096736): |
|
|
For Microsoft Lync 2010 Attendee (admin level install) (3096738): |
|
For all supported 32-bit editions of Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic): |
|
For all supported 64-bit editions of Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic): |
|
For all supported 32-bit editions of Skype for Business 2016 and Skype for Business Basic 2016: |
|
For all supported 64-bit editions of Skype for Business Basic 2016: |
Installation switches |
|
Restart requirement |
In some cases, this update does not require a restart. If the required files are being used, this update will require a restart. If this behavior occurs, you receive a message that advises you to restart. |
Removal information |
Use Add or Remove Programs item in Control Panel. |
File information |
For all supported editions of Microsoft Lync 2010: |
|
For Microsoft Lync 2010 Attendee (user level install): |
|
For Microsoft Lync 2010 Attendee (admin level install): |
|
For Microsoft Link 2013 (Skype for Business) and Microsoft Link Basic 2013 (Skype for Business Basic): |
|
For Skype for Business 2016 and Skype for Business Basic 2016: |
Registry key verification |
For Microsoft Lync 2010 (32-bit): |
|
For Microsoft Lync 2010 (64-bit): |
|
For Microsoft Lync 2010 Attendee (admin level install): |
|
For Microsoft Lync 2010 Attendee (user level install): |
|
For Microsoft Lync 2013 (Skype for Business) and Microsoft Lync Basic 2013 (Skype for Business Basic): |
|
For Skype for Business 2016 and Skype for Business Basic 2016: |
Microsoft Lync Room SystemReference table
The following table contains the security update information for this software.
Security update file name |
For SMART Room System (3108096): |
|
For Crestron RL (3108096): |
Installation switches |
|
Restart requirement |
A system restart is required after you apply this security update. |
Removal Information |
The updates are removable only by performing a factory reset. |
File information |
For SMART Room System: |
|
For Crestron RL: |
Registry key verification |
For SMART Room System: |
|
For Crestron RL: |
File name |
SHA1 hash |
SHA256 hash |
---|---|---|
AttendeeAdmin.msp |
A22099CBD39776DA7EE5684D2F8C1660FB71E2C8 |
2852B9E5685E4BF22DFC875CE5AF80D5BE4CA1CD0BC3BD34B5A66A19B92043BF |
AttendeeUser.msp |
5B1D73552142D8E10833ED251C85324499E54CA3 |
55E3687D1028AF83DF008D8671C762BCBEA4418B3AC0722CDA1FCAF0A7018897 |
CrestronLyncRoomUpdates.exe |
BC5D328BD296212DE2063356204C7CC82F820A5A |
AE2F0F4FD263B03B8F79DBA587F0FB30F9D1C4D366D1FA071E99C2AA613550BA |
Lync.msp (For x64-based versions) |
33B66E65C61662E3E51F3504C06ED49AF7B76CE6 |
8C4850E9C71325DD71BE0CDB040B09BB8C10917030CE96DC8DE8BE02F30FC5E4 |
Lync.msp (For x86-based versions) |
F06A8F8AC4FD53B4424305A164F9A0C716409DAC |
63559FF9BF347E32A84B554F668558AD8DD0C68853308EE7D52B61C16FD03DB4 |
SMARTLyncRoomUpdates.exe |
A6771BDA5FF97181AF29B64F7D14E94E7E4D7573 |
B2B3294B113933AB52C3681829DB97276B6DD0D7AA7F20BA184EBAC88EF56E97 |
lync2013-kb3101496-fullfile-x64-glb.exe |
3B4187E79E318E93BA3189C11E86D4570623E920 |
08677AD12DB42DE94893FB849B18EE450A95F521F110719C74DD96322EB41173 |
lync2013-kb3101496-fullfile-x86-glb.exe |
321B98C24C9AF6816AA81E3515588988D82DE568 |
7A8EC9A03AF6A503C26641CFEF6AF8BB9D3856D457CA8CC86A4FB55A3591BD01 |
lync2016-kb3085634-fullfile-x64-glb.exe |
6741FDEB39D6B2C65F1F7B950A07C5C701398109 |
27A9C34B9F0EF74599DB460182954AC67A12D36906D0F4C0BD686542EFB9992F |
lync2016-kb3085634-fullfile-x86-glb.exe |
01CFA248C92C3C4E8B0D6CE30CBC6B723EEE0D5E |
611D1E65FEAB3DC9C8CC68B9CCA4E0D93E5BBA1CEC5D705592C343F06EE1F9FB |
Help for installing updates: Support for Microsoft Update
Security solutions for IT professionals: TechNet Security Troubleshooting and Support
Help for protecting your Windows-based computer from viruses and malware: Virus Solution and Security Center
Local support according to your country: International Support